]> git.koha-community.org Git - koha.git/log
koha.git
2 years agoBug 29754: Unit test
Nick Clemens [Wed, 22 Dec 2021 15:20:16 +0000 (15:20 +0000)]
Bug 29754: Unit test

This adds a unit test to the SIP code

It also adds some spacing and dividers to make the tests for 'relationships_debt' easier to read

To test:
prove -v t/db_dependent/Koha/Patron.t - passes and is readable
prove -v t/db_dependent/SIP/Patron.t - fails

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29966: Dont pass authnotrequired true and flags together
Marcel de Rooy [Fri, 28 Jan 2022 09:59:15 +0000 (09:59 +0000)]
Bug 29966: Dont pass authnotrequired true and flags together

Test plan:
Logout in OPAC.
Goto sco help page.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29230: Add Koha::Patron->messages
Jonathan Druart [Thu, 21 Oct 2021 07:57:38 +0000 (09:57 +0200)]
Bug 29230: Add Koha::Patron->messages

Add methods to return the messages attached to a patron.

It will add the capability to access them from notice templates.

Test plan:
Define some messages for a given patron
Go to the circulation page of the patron and confirm that they are still
displayed

Test the notice templates:
Add to HOLD_SLIP the following content
"""
[% SET messages = borrower.messages %]
[% IF messages.count %]
Messages:
<ul>
  [% FOR m IN messages.search( message_type => 'L' ) %]
    <li>[% m.message %]</li>
  [% END %]
</ul>
[% END %]
"""

To display all the messages from staff ('L')

Adapt following your needs.

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Stina Hallin <stina.hallin@ub.lu.se>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29785: Rename Koha::Object->message with ->object_messages
Jonathan Druart [Tue, 4 Jan 2022 13:28:26 +0000 (14:28 +0100)]
Bug 29785: Rename Koha::Object->message with ->object_messages

It will conflict with other ->messages methods, it's too generic.

Bug 29230 needs Koha::Patron->messages to return Koha::Patron::Messages for instance.

Test plan:
Confirm that the tests modified by this patch still pass

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 28977: Fix cat_issues_top.pl report with strict SQL modes
Michael Hafen [Fri, 14 Jan 2022 18:35:05 +0000 (11:35 -0700)]
Bug 28977: Fix cat_issues_top.pl report with strict SQL modes

To get the 'Most circulated items' report to run in ONLY_FULL_GROUP_BY
Sql mode.

Test plan:

Turn on strict_sql_modes ( make sure <strict_sql_modes> is 1 in KOHA_CONF )
Go to Reports -> Most circulated items
submit the form.

Without the patch you get an error like:
CGI::Compile::ROOT::usr_local_koha_master_reports_cat_issues_top_2epl::calculate(): DBI Exception: DBD::mysql::st execute failed: Expression #4 of SELECT list is not in GROUP BY clause and contains nonaggregated column 'koha_main_v4.items.itemcallnumber' which is not functionally dependent on columns in GROUP BY clause; this is incompatible with sql_mode=only_full_group_by [for Statement "SELECT DISTINCT biblio.title, COUNT(biblio.biblionumber) AS `RANK`, biblio.biblionumber AS ID, itemcallnumber as CALLNUM, ccode as CCODE, location as LOC FROM `old_issues`
                  LEFT JOIN items USING(itemnumber)
                  LEFT JOIN biblio USING(biblionumber)
                  LEFT JOIN biblioitems USING(biblionumber)
                  LEFT JOIN borrowers USING(borrowernumber)
                  WHERE 1 AND old_issues.issuedate > '2020-08-03' AND old_issues.issuedate < '2021-05-17' AND old_issues.returndate > '2020-08-27' AND old_issues.returndate < '2021-06-01' AND old_issues.branchcode like '403' AND items.itype like 'F' AND ccode like 'FIC' AND borrowers.categorycode like 'ST' group by biblio.biblionumber order by `RANK` DESC"] at /usr/local/koha_master/reports/cat_issues_top.pl line 67
 at /usr/share/perl5/DBIx/Class/Exception.pm line 77

With the patch you will see the report results view.

Signed-off-by: David Nind <david@davidnind.com>
JD Amended patch - adjust commit's title

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 11873: Compiled CSS
Fridolin Somers [Thu, 10 Feb 2022 01:17:39 +0000 (15:17 -1000)]
Bug 11873: Compiled CSS

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 11873: (QA follow-up) Add missing TT filters
Fridolin Somers [Thu, 10 Feb 2022 01:16:32 +0000 (15:16 -1000)]
Bug 11873: (QA follow-up) Add missing TT filters

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 11873: Remove decoration on current authority
Jonathan Druart [Thu, 27 Jan 2022 10:10:34 +0000 (11:10 +0100)]
Bug 11873: Remove decoration on current authority

Previously the current authority was not styled like a link. It was
useful to have a visual feedback knowing which authority is currently
displayed.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 11873: Upgrade jstree jQuery plugin to the latest version
Owen Leonard [Wed, 10 Nov 2021 15:42:08 +0000 (15:42 +0000)]
Bug 11873: Upgrade jstree jQuery plugin to the latest version

This patch upgrades the jstree plugin in the OPAC and the staff
interface. The old version had compatibility issues with the latest
jQuery.

Also changed: When viewing an authority record in the OPAC's MARC view,
clicking one of the hierarchy links should now open the MARC view again
rather than reverting to the normal view.

To test, apply the patch and rebuild the staff interface and OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).

To test you must have the AuthDisplayHierarchy system preference
enabled, and you must have some authorities data which can be displayed
as a hierarchy. From the test plan for Bug 8523:

"Create authority records with a hierarchy of see also fields (in
 MARC21/NORMARC, you'll be using 5xx fields for this, with a subfield
 $w = 'g' for broader terms and subfield $w = 'h' for narrower terms)"

- Perform an authority search in the OPAC which will return one of your
  modified authority records.
- View the record.
- There should be an expanded tree menu at the top of the authority
  information.
  - Clicking the arrows in the tree should correctly expand
    and collapse the nodes.
  - Clicking the authority record link in the node should load that
    record.
- Test also from the OPAC's MARC view of the authority record.
  - Confirm that clicking an authority record link in the MARC view
    opens the corresponding record in MARC view again.

- Perform the same tests in the staff interface.

Signed-off-by: Eugene Espinoza <eugenegf@yahoo.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29932: Use localStorage instead of cookie for bibs_selected
Owen Leonard [Fri, 21 Jan 2022 13:05:40 +0000 (13:05 +0000)]
Bug 29932: Use localStorage instead of cookie for bibs_selected

This patch replaces the use of the jquery.cookie.js plugin in the
"Browse selected records" feature. The feature is modified to use
localStorage instead of cookies.

To test, apply the patch and go to Administration -> System preferences.

 - Enable the "BrowseResultSelection" system preference.
 - Perform a catalog search which will return multiple results.
 - On the search results page, check the checkbox for a number of
   titles.
 - Click the "Browse selected biblios" button in the toolbar.
 - You should be directed to the detail page for the first title you
   checked.
 - Clicking the right-arrow in the sidebar should take you
   through each one of your selected titles.
 - When you click the "Results" link in the sidebar you should be
   returned to the same search results set and the same titles should be
   checked.
 _ If you uncheck those titles and reload the page the checkboxes should
   remain unchecked.
 - If you log out of the staff interface the "bibs_selected" item in
   localStorage should be deleted. See, for example,
   https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector for
   information about viewing local storage.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29933: Fix stray usage of jquery.cookie.js plugin
Owen Leonard [Mon, 24 Jan 2022 18:33:30 +0000 (18:33 +0000)]
Bug 29933: Fix stray usage of jquery.cookie.js plugin

This patch removes a few instances where the old cookie plugin was still
being used for deleting cookies even though the new plugin is being used
to set the cookies.

To test, apply the patch and test the following processes in the staff
interface:

Search to hold:

 - View a patron record and click the "Search to hold" button.
 - Perform a catalog search which will return results.
 - On the search results page there should be a "Place hold for
   <patron>" link under each holdable title.
 - Click the "Place hold" button's dropdown arrow and choose "Forget
   <patron>." The "Place hold for..." links should disappear.

Search to hold for a patron club:

 - If necessary, create a patron club.
 - Add one or more patrons to the club.
 - In Tools -> Patron clubs, find the club you added patrons to.
 - Click the "Actions" button and then "Search to hold."
 - Perform a catalog search which will return results.
 - On the search results page there should be a "Place hold for
   <club>" link under each holdable title.
 - Click the "Place hold" button's dropdown arrow and choose
   "Forget <club>." The "Place hold for..." links should disappear.

Batch item modification show/hide columns:

 - Go to Tools -> Batch item modification.
 - Submit a list of items for modification.
 - Uncheck some checkboxes to hide columns on the page showing the items
   you submitted.
 - In the browser's storage inspector (e.g.
   https://developer.mozilla.org/en-US/docs/Tools/Storage_Inspector),
   should see a "showColumns" cookie with a string of numbers and
   slashes.
 - Click the "Show all columns" checkbox.
 - The "showColumns" cookie should disappear.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29881: libdbd-sqlite2-perl is unavailable on deb12 (koha-common wont install)
Mason James [Fri, 14 Jan 2022 06:44:24 +0000 (19:44 +1300)]
Bug 29881: libdbd-sqlite2-perl is unavailable on deb12 (koha-common wont install)

to test...

- attempt to install koha-common pkg on deb12

  confirm error...
   The following packages have unmet dependencies:
   koha-common : Depends: libdbd-sqlite2-perl but it is not installable

- apply patch, rebuild new package

- install new koha-common pkg on deb12 successfully

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 30045: (bug 29543 follow-up) Fix SCO print slip
Jonathan Druart [Tue, 8 Feb 2022 11:12:22 +0000 (12:12 +0100)]
Bug 30045: (bug 29543 follow-up) Fix SCO print slip

Certainly since bug 29543 and bug 29914.

We should do the same authentication check than sco-main.pl, and also
make sure to generate the checkout history only for the logged in patron
(the OPAC one, not staff member)

Test plan:
Use the different combinations of the SCO config (AutoSelfCheckAllowed,
SelfCheckoutByLogin and WebBasedSelfCheck) and confirm that this patch
fixes the SCO print slip feature.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29735: Fix flatpickr init from circulation.tt
Jonathan Druart [Fri, 21 Jan 2022 08:44:11 +0000 (09:44 +0100)]
Bug 29735: Fix flatpickr init from circulation.tt

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29859: (QA follow-up) Minor typo correction
Martin Renvoize [Thu, 3 Feb 2022 14:43:13 +0000 (14:43 +0000)]
Bug 29859: (QA follow-up) Minor typo correction

We introduced a tiny bug with a typo in the patchset, the accessor
method is called 'get_column' not 'get_columns'.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29859: Use iterator instead of as_list
Jonathan Druart [Wed, 12 Jan 2022 14:40:36 +0000 (15:40 +0100)]
Bug 29859: Use iterator instead of as_list

On bug 29844 we decided to remove wantarray from Koha::Objects->search.
Reviewing the difference occurrences I found some unnecessary uses of ->as_list,
where iterators should be used instead.

This patch only removes the obvious places, not the tricky ones.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29847: Make Koha::Patron::HouseboundProfile->housebound_visits return a resultset
Tomas Cohen Arazi [Wed, 2 Feb 2022 13:35:54 +0000 (10:35 -0300)]
Bug 29847: Make Koha::Patron::HouseboundProfile->housebound_visits return a resultset

This patch makes the method consistent with the rest of the codebase, by
making it return a proper resultset.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/Patron/HouseboundProfiles.t
=> SUCCESS: Tests pass!
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass!
4. Check the UI hasn't got broken either.
=> SUCCESS: It hasn't!
5. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29844: Simplify Koha::Clubs->get_enrollable
Tomas Cohen Arazi [Thu, 3 Feb 2022 13:54:25 +0000 (10:54 -0300)]
Bug 29844: Simplify Koha::Clubs->get_enrollable

This patch removes the wantarray use in Koha::Clubs->get_enrollable and
adjusts the callers.

Also, reference to some unused params in Koha::Patron clubs-related
methods are removed as well.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29844: (QA follow-up) Fix Koha::Library::Groups->all_libraries
Martin Renvoize [Thu, 3 Feb 2022 12:13:20 +0000 (12:13 +0000)]
Bug 29844: (QA follow-up) Fix Koha::Library::Groups->all_libraries

I think a rebase perhaps lost a change here.. this fix gets the unit
tests passing again.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29844: Some more uncaught cases
Tomas Cohen Arazi [Tue, 11 Jan 2022 12:42:00 +0000 (09:42 -0300)]
Bug 29844: Some more uncaught cases

Some more cases found using

$ git grep '\->search(' | grep -v -e '\->as_list' -e '\->get_column' \
      | grep '@'

and then manually looking at them.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29844: Fix ->search occurrences
Jonathan Druart [Tue, 11 Jan 2022 09:09:09 +0000 (10:09 +0100)]
Bug 29844: Fix ->search occurrences

and some more...

There are lot of inconsistencies in our ->search calls. We could
simplify some of them, but not in this patch. Here we want to prevent
regressions as much as possible and so don't add unecessary changes.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29844: Remove use of wantarray from Koha::Objects
Tomas Cohen Arazi [Mon, 10 Jan 2022 19:18:57 +0000 (16:18 -0300)]
Bug 29844: Remove use of wantarray from Koha::Objects

This patch removes the use of `wantarray` from the following methods in
the Koha::Objects class:
- search
- search_related

In both cases, the change is trivial. And the tests get the 'list
context' portion removed as well.

To test:
1. Apply this patch
2. Run:
   $ kshell
  k$ prove t/db_dependent/Koha/Objects.t
=> SUCCESS: Tests pass!
3. Sign off :-D

Caveat: we broke many things by removing the feature. Check follow-up
patches as well.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29844: Fix t/db_dependent/Koha/*
Tomas Cohen Arazi [Mon, 10 Jan 2022 20:08:24 +0000 (17:08 -0300)]
Bug 29844: Fix t/db_dependent/Koha/*

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Kyle M Hall <kyle@bywatersolutions.com>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29914: Remove 'Use of uninitialized value ' warnings
Jonathan Druart [Tue, 25 Jan 2022 10:57:01 +0000 (11:57 +0100)]
Bug 29914: Remove 'Use of uninitialized value ' warnings

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29914: (QA follow-up) Add comment to explain last case
Nick Clemens [Mon, 24 Jan 2022 14:23:29 +0000 (14:23 +0000)]
Bug 29914: (QA follow-up) Add comment to explain last case

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
JD amended patch: remove ref to line number

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29914: (QA follow-up) Expand tests to cover failure case before patches
Nick Clemens [Mon, 24 Jan 2022 14:19:24 +0000 (14:19 +0000)]
Bug 29914: (QA follow-up) Expand tests to cover failure case before patches

When asking for permissions we get 'failed', without we get 'ok'
Adding explicit checks for not 'ok'

Add a FIXME:
We should cover the case where we return 'failed' after changes, but that is a larger undertaking

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29914: (QA follow-up) Remove warn on timeout
Marcel de Rooy [Fri, 21 Jan 2022 10:50:59 +0000 (10:50 +0000)]
Bug 29914: (QA follow-up) Remove warn on timeout

The warn is:
The value of the system preference 'timeout' is not correct, defaulting to 600.

Caused by previous test.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29914: Add tests
Jonathan Druart [Fri, 21 Jan 2022 08:23:38 +0000 (09:23 +0100)]
Bug 29914: Add tests

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29914: Make check_cookie_auth compare the userid
Jonathan Druart [Thu, 20 Jan 2022 09:10:05 +0000 (10:10 +0100)]
Bug 29914: Make check_cookie_auth compare the userid

check_cookie_auth is assuming that the user is authenticated if a cookie exists
and that the login/username exists in the DB.

So basically if you hit the login page, fill the login input with a
valid username, click "login"
=> A cookie will be generated, and the sessions table will contain a
line with this session id.
On the second hit, if the username is in the DB, it will be enough to be
considered authenticated.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29903: Prevent messages to be deleted from unauthorised users
Jonathan Druart [Wed, 19 Jan 2022 10:21:54 +0000 (11:21 +0100)]
Bug 29903: Prevent messages to be deleted from unauthorised users

The "Delete" link is hidden but the controller does not do the necessary checks.

/cgi-bin/koha/circ/del_message.pl?message_id=1&borrowernumber=5&from=moremember

Test plan:
Create a message, see the "Delete" link, don't click it but copy it
Change logged in library and use the link
If AllowAllMessageDeletion is off you should be redirected to 403

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29544: (QA follow-up) Simplify code
Tomas Cohen Arazi [Wed, 12 Jan 2022 12:43:48 +0000 (09:43 -0300)]
Bug 29544: (QA follow-up) Simplify code

I think this is a better approach for the same thing. Posting it just in
case it helps.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29544: Fix opac-issue-note.pl
Jonathan Druart [Thu, 2 Dec 2021 08:04:14 +0000 (09:04 +0100)]
Bug 29544: Fix opac-issue-note.pl

We must check if logged in user is trying to modify one of their
checkouts

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29544: Ensure logged in user is allowed to modify checkout note
Jonathan Druart [Mon, 22 Nov 2021 13:56:58 +0000 (14:56 +0100)]
Bug 29544: Ensure logged in user is allowed to modify checkout note

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29542: Prevent access to private list to non authorized users
Jonathan Druart [Wed, 5 Jan 2022 14:56:24 +0000 (15:56 +0100)]
Bug 29542: Prevent access to private list to non authorized users

The catalogue permission is not enough.

Test plan:
Create a private list owned by user A
Login with user B and hit (with XX the shelfid)
  /cgi-bin/koha/virtualshelves/sendshelf.pl?shelfid=XX

You should get an error message "You do not have sufficient permission
to continue."

Login with user A
=> You should be able to send the list

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29541: Prevent users from another group to access patron's images
Jonathan Druart [Mon, 6 Dec 2021 12:58:25 +0000 (13:58 +0100)]
Bug 29541: Prevent users from another group to access patron's images

We should respect group restrictions here.

Test plan:
Create a patron from another group of libraries and don't let them
access info from patrons outside of this group.
Access the following link and confirm that you can see the image only
for patrons from their group
  /cgi-bin/koha/members/patronimage.pl?borrowernumber=XX

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29541: Restrict access to patron's image to borrowers => * and circulate => *
Jonathan Druart [Mon, 22 Nov 2021 14:29:58 +0000 (15:29 +0100)]
Bug 29541: Restrict access to patron's image to borrowers => * and circulate => *

The patron images is displayed on the 'circulation' and 'members'
modules.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29540: Raise flagsrequired in modrequest
Marcel de Rooy [Mon, 22 Nov 2021 07:55:47 +0000 (07:55 +0000)]
Bug 29540: Raise flagsrequired in modrequest

Test plan:
Try modrequest with a user having only 'catalogue' perms and the following URLs:
[1] /cgi-bin/koha/reserve/modrequest.pl?reserve_id=XX&CancelBorrowerNumber=XX&CancelItemnumber=XX&biblionumber=XX
    Fill the XXs with correct identifiers for some item level hold.
[2] /cgi-bin/koha/reserve/modrequest_suspendall.pl?suspend=1&suspend_until=2021-12-01&borrowernumber=XX
    Fill the XX with borrowernumber for borrower that has pending holds.
You should see: Error: You do not have permission to access this page.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
[AMENDED] More consensus for using reserveforothers than circulate_remaining.

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 28735: Self-checkout users can access opac-user.pl for sco user when not using...
David Cook [Thu, 22 Jul 2021 06:34:20 +0000 (06:34 +0000)]
Bug 28735: Self-checkout users can access opac-user.pl for sco user when not using AutoSelfCheckID

This patch makes the sandboxing of the selfcheckout more robust by
adding a "sco_user" session variable which is turned on when
logging into the self-checkout (either by AutoSelfCheckAllowed or manually).

If a user with this session variable turned on tries to access
other parts of the system (like the rest of the OPAC), it will
"kick out", so that the browser user will lose the authenticated session.

Test plan:
1) Apply the patch
2) koha-plack --restart kohadev
3) Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
4) Note that you are logged into the self-checkout
     So you see the login screen specific to the self-checkout.
     To log with the actual patron. It's a nested auth.
5) Go to http://localhost:8080/cgi-bin/koha/opac-main.pl
6) Note that you are not logged into the OPAC
7) Log into the staff interface and disable the
system preference AutoSelfCheckAllowed
8) Log out of the staff interface (this step is very important)
9) Go to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
10) Note that you are prompted to log into Koha
11) Login using the "koha" user (when using koha-testing-docker)
12) Note that you are logged into the self-checkout
13) Go to http://localhost:8080/cgi-bin/koha/opac-main.pl
14) Note that you are not logged into the OPAC
      Without the patch you would still be logged as "koha"
15) Go back to http://localhost:8080/cgi-bin/koha/sco/sco-main.pl
16) Note that you will need to log in again as you've lost your
session cookie
      Without the patch you will still be logged in the self-checkout
Voila!

Signed-off-by: Victor Grousset/tuxayo <victor@tuxayo.net>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29543: Set autocomplete off for SCO login fields
Nick Clemens [Wed, 5 Jan 2022 16:06:15 +0000 (16:06 +0000)]
Bug 29543: Set autocomplete off for SCO login fields

Cardnumber already had it set, adding for username and password

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29543: Add Mojo::JWT dependency
Jonathan Druart [Wed, 5 Jan 2022 15:37:49 +0000 (16:37 +0100)]
Bug 29543: Add Mojo::JWT dependency

Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29543: (follow-up) Add a warning to SelfCheckoutByLogin
Nick Clemens [Wed, 5 Jan 2022 15:29:41 +0000 (15:29 +0000)]
Bug 29543: (follow-up) Add a warning to SelfCheckoutByLogin

This updates the language to warn users of risk if using cardnumber for login and auto-self-check is enabled

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29543: Prevent user to checkin or renew items they don't own
Jonathan Druart [Wed, 5 Jan 2022 14:25:48 +0000 (15:25 +0100)]
Bug 29543: Prevent user to checkin or renew items they don't own

Checkin or renew must be restricted to the items they own.

Test plan:
Create an item with barcode bc_1
Check it in to user A
Login to SCO with user B
Get the token using the browser dev tool, from the cookie
Hit (replace $JWT)
    /cgi-bin/koha/sco/sco-main.pl?jwt=$JWT&op=renew&barcode=bc_1
    /cgi-bin/koha/sco/sco-main.pl?jwt=$JWT&op=returnbook&barcode=bc_1

You should see an error message

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29543: Enforce authentication for self-checkout
Jonathan Druart [Wed, 5 Jan 2022 11:47:10 +0000 (12:47 +0100)]
Bug 29543: Enforce authentication for self-checkout

The self-checkout feature is assuming a patron is logged in if patronid
is passed. It also assumes that "We're in a controlled environment; we
trust the user", which is terribly wrong!

This patch is suggesting to generate a JSON Web Token (JWT) to store in
a cookie and only allow action (renew, check in/out) is the token is
valid. The token is only generated once the user has been authenticated
And is removed when the user finish the session/logout.

Test plan:
You must know exactly how the self-checkout feature works to test this patch.
The 4 following sysprefs must be tested:
 SelfCheckoutByLogin, AutoSelfCheckAllowed, AutoSelfCheckID, AutoSelfCheckPass
Confirm that you can renew, checkin for the items you own, and checkout new items.
Confirm that you are not allowed to access other account's info.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29543: Add JWT token handling
Jonathan Druart [Wed, 5 Jan 2022 11:20:28 +0000 (12:20 +0100)]
Bug 29543: Add JWT token handling

Mojo::JWT is installed already, it's not a new dependency.
We need a way to send the patron a token when it's correctly logged in,
and not assumed it's logged in only if patronid is passed

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29543: Remove inputfocus variable
Jonathan Druart [Wed, 5 Jan 2022 10:25:12 +0000 (11:25 +0100)]
Bug 29543: Remove inputfocus variable

It's not used in template

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29543: Remove borrower variable
Jonathan Druart [Wed, 5 Jan 2022 10:24:12 +0000 (11:24 +0100)]
Bug 29543: Remove borrower variable

It's not needed, we have $patron

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 26102: Prevent XSS when To.json is used: unimarc_field_4XX.tt
Owen Leonard [Tue, 11 Aug 2020 17:26:18 +0000 (17:26 +0000)]
Bug 26102: Prevent XSS when To.json is used: unimarc_field_4XX.tt

To test, edit a MARC framework to link a subfield to the
unimarc_field_4XX.tt. The process of triggering the plugin and selecting
a search result from the plugin popup should work correctly.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 26102: Prevent XSS when To.json is used: subscription-add.tt
Owen Leonard [Tue, 11 Aug 2020 15:22:33 +0000 (15:22 +0000)]
Bug 26102: Prevent XSS when To.json is used: subscription-add.tt

Test the process of adding a subscription, entering both a valid vendor
ID and a non-existent vendor ID. The non-existent vendor ID should
trigger a validation alert.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 26102: Prevent XSS when To.json is used: guarantor_search.tt
Owen Leonard [Tue, 11 Aug 2020 15:05:59 +0000 (15:05 +0000)]
Bug 26102: Prevent XSS when To.json is used: guarantor_search.tt

To test, edit a patron record and go through the process of adding a
guarantor. In the guarantor search results table the address should be
displayed correctly.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 26102: Prevent XSS when To.json is used: catalogue/results.tt
Owen Leonard [Tue, 11 Aug 2020 12:57:48 +0000 (12:57 +0000)]
Bug 26102: Prevent XSS when To.json is used: catalogue/results.tt

To test, perform a search in the catalogue and verify that search term
highlighting works correctly.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 26102: Prevent XSS when To.json is used: authorities/blinddetail-biblio-search.tt
Owen Leonard [Tue, 11 Aug 2020 12:41:13 +0000 (12:41 +0000)]
Bug 26102: Prevent XSS when To.json is used: authorities/blinddetail-biblio-search.tt

Test the process of searching for and selecting an authority record for
use in the basic MARC editor.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 26102: Prevent XSS when To.json is used: authorities/authorities.tt
Owen Leonard [Tue, 11 Aug 2020 12:34:18 +0000 (12:34 +0000)]
Bug 26102: Prevent XSS when To.json is used: authorities/authorities.tt

Check that mandatory tags and subfields are correctly required when
editing an authority record.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 26102: Prevent XSS when To.json is used: admin/preferences.tt
Owen Leonard [Tue, 11 Aug 2020 12:31:26 +0000 (12:31 +0000)]
Bug 26102: Prevent XSS when To.json is used: admin/preferences.tt

Test that preference search term highlighting works correctly.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29759: (follow-up) Fix api/v1/article_requests.t
Tomas Cohen Arazi [Wed, 2 Feb 2022 12:49:57 +0000 (09:49 -0300)]
Bug 29759: (follow-up) Fix api/v1/article_requests.t

This patch makes the tests set debit_id to undef instead of random data.
This way tests don't break when $article_request->cancel is invoked and
a refund is tried.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/Letters/TemplateToolkit.t
=> FAIL: Boo, tests fail, random garbage is not a debit
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29759: (follow-up) Fix TemplateToolkit.t
Tomas Cohen Arazi [Wed, 2 Feb 2022 12:32:37 +0000 (09:32 -0300)]
Bug 29759: (follow-up) Fix TemplateToolkit.t

This patch makes the tests set debit_id to undef instead of random data.
This way tests don't break when $article_request->cancel is invoked and
a refund is tried.

To test:
1. Run:
   $ kshell
  k$ prove t/db_dependent/Letters/TemplateToolkit.t
=> FAIL: Boo, tests fail, random garbage is not a debit
2. Apply this patch
3. Repeat 1
=> SUCCESS: Tests pass!
4. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29975: (bug 21729 follow-up) Fix api/v1/holds.t
Jonathan Druart [Mon, 31 Jan 2022 09:58:42 +0000 (10:58 +0100)]
Bug 29975: (bug 21729 follow-up) Fix api/v1/holds.t

Unknown column 'patron_expiration_date' in 'field list'
The REST API routes don't need to be aware of the new column patron_expiration_date

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29976: (Bug 21729 follow-up) fix holds unit tests
Fridolin Somers [Sat, 29 Jan 2022 00:50:26 +0000 (14:50 -1000)]
Bug 29976: (Bug 21729 follow-up) fix holds unit tests

Bug 21729 added to holds table the column patron_expiration_date.

Currently test suite is failing :
https://jenkins.koha-community.org/view/master/job/Koha_Master_D10/516/testReport/

We must fix where TestBuilder is creating with source Reserve and data expirationdate :
  t/db_dependent/Holds/WaitingReserves.t
  t/db_dependent/Reserves/CancelExpiredReserves.t

Note that t/db_dependent/Reserves/CancelExpiredReserves.t does not fail
without this patch but surely we prefere change it also.

Test plan :
prove t/db_dependent/Holds/WaitingReserves.t
prove t/db_dependent/Reserves/CancelExpiredReserves.t

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29943: DBRev 21.12.00.015
Fridolin Somers [Wed, 2 Feb 2022 07:36:56 +0000 (21:36 -1000)]
Bug 29943: DBRev 21.12.00.015

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29943: Db rev: replace typo in existing notices
Marcel de Rooy [Tue, 25 Jan 2022 15:35:05 +0000 (15:35 +0000)]
Bug 29943: Db rev: replace typo in existing notices

Test plan:
Run updatedatabase.

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29943: Fix NOTIFY_MANAGER notice in sample notices
Marcel de Rooy [Tue, 25 Jan 2022 15:27:35 +0000 (15:27 +0000)]
Bug 29943: Fix NOTIFY_MANAGER notice in sample notices

Test plan:
Look good at this change, or do a new install :)

Signed-off-by: Marcel de Rooy <m.de.rooy@rijksmuseum.nl>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29596: DBRev 21.12.00.014
Fridolin Somers [Wed, 2 Feb 2022 07:30:41 +0000 (21:30 -1000)]
Bug 29596: DBRev 21.12.00.014

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29596: Add Yiddish language
Tomas Cohen Arazi [Mon, 29 Nov 2021 21:35:46 +0000 (18:35 -0300)]
Bug 29596: Add Yiddish language

This patch adds the Yiddish language to Koha. The language codes were
taken from https://www.loc.gov/standards/iso639-2/php/code_list.php

Sponsored-by: Universidad Nacional de San Martín
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: Update DBIC schema
Fridolin Somers [Wed, 2 Feb 2022 07:13:46 +0000 (21:13 -1000)]
Bug 29605: Update DBIC schema

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: DBRev 21.12.00.013
Fridolin Somers [Wed, 2 Feb 2022 07:04:59 +0000 (21:04 -1000)]
Bug 29605: DBRev 21.12.00.013

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: branchtransfers.cancellation_reason
Jonathan Druart [Thu, 2 Dec 2021 11:55:36 +0000 (12:55 +0100)]
Bug 29605: branchtransfers.cancellation_reason

reason and cancellation_reason was inversed, and the enum values were
lower cases

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: language_script_mapping.language_subtag cannot be null
Jonathan Druart [Thu, 2 Dec 2021 11:48:28 +0000 (12:48 +0100)]
Bug 29605: language_script_mapping.language_subtag cannot be null

It's a PK now

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: search_marc_map.marc_type
Jonathan Druart [Thu, 2 Dec 2021 11:37:33 +0000 (12:37 +0100)]
Bug 29605: search_marc_map.marc_type

NOT NULL was missing when MODIFY

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: additional_contents.lang
Jonathan Druart [Thu, 2 Dec 2021 11:29:37 +0000 (12:29 +0100)]
Bug 29605: additional_contents.lang

Up to 50 on bug 23797 but bug 24387 switched it back to 25 (bad
resolution conflict)

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: additional_contents.code
Jonathan Druart [Thu, 2 Dec 2021 11:28:23 +0000 (12:28 +0100)]
Bug 29605: additional_contents.code

Added 100 on 210600016, but 20 in kohastructure

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: account_offsets.type is not null
Jonathan Druart [Thu, 2 Dec 2021 11:17:12 +0000 (12:17 +0100)]
Bug 29605: account_offsets.type is not null

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: Missing FK on tmp_holdsqueue.borrowernumber (tmp_holdsqueue_ibfk_3)
Jonathan Druart [Thu, 2 Dec 2021 11:12:10 +0000 (12:12 +0100)]
Bug 29605: Missing FK on tmp_holdsqueue.borrowernumber (tmp_holdsqueue_ibfk_3)

Bad copy paste on the foreign_key_exists condition

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: (follow-up) Add language_script_mapping primary key
Tomas Cohen Arazi [Tue, 30 Nov 2021 23:06:46 +0000 (20:06 -0300)]
Bug 29605: (follow-up) Add language_script_mapping primary key

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29605: Add missing constraints from bug 15067
Tomas Cohen Arazi [Tue, 30 Nov 2021 22:44:36 +0000 (19:44 -0300)]
Bug 29605: Add missing constraints from bug 15067

This patch fixes a missed update to kohastructure.sql.

To test:
1. Checkout prior to bug 15067
(ab270c026be06f08745a14d1aea992877d20f812) would work.
2.  Run:
   $ reset_all
3. Checkout v21.11.00
4. Run:
   $ updatedatabase
   $ koha-mysql kohadev
   > SHOW CREATE TABLE language_subtag_registry;
=> SUCCESS: There's UNIQUE KEY uniq_lang (subtag, type)
5. Run:
   > SHOW CREATE TABLE language_descriptions;
=>  SUCCESS: There's UNIQUE KEY uniq_desc (subtag, type, lang)
6. Run:
   > SHOW CREATE TABLE language_rfc4646_to_iso639;
=> SUCCESS: There's UNIQUE KEY uniq_code (rfc4646_subtag, iso639_2_code)
7. Replicate a fresh install. Run:
   $ reset_all
8. Repeat 4, 5 and 6
=> FAIL: The UNIQUE constraints are not there!
9. Apply this patch
10. Run:
   $ reset_all
11. Repeat 8
=> SUCCESS: The UNIQUE constraints are there!
12. Sign off :-D

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29949: Remove use of title-numeric sorting routine from OPAC datatables JS
Owen Leonard [Wed, 26 Jan 2022 12:18:55 +0000 (12:18 +0000)]
Bug 29949: Remove use of title-numeric sorting routine from OPAC datatables JS

This patch removes the use of a specific "title-numeric" sorting routine
from the DataTables configuration of the "Most popular" table. We can
use a "data-order" attribute instead.

The patch also removes the now unused code from our custom DataTables JS
file in both the OPAC and the staff interface (where it was unused).

To test, apply the patch and make sure the OpacTopissue system
preference is enabled.

- In the OPAC, view the "Most popular" page.
- Change the filter settings, if necessary, to get multiple results.
- In the results table, confirm that sorting by number of checkouts
  still works correctly.

A search of the code for instances of "title-numeric" should return only
one in a comment in the official DataTables library.

Signed-off-by: Lucas Gass <lucas@bywatersolutions.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29967: extended width of description and opac description inputs on authorised_va...
Lucas Gass [Fri, 28 Jan 2022 20:19:08 +0000 (20:19 +0000)]
Bug 29967: extended width of description and opac description inputs on authorised_values.tt

To test:
-Go to Administration > Authorized values
-In any category, new or existing, look at an authoized value.
-The description and OPAC description inputs both have a maxlenght of 200 but you cannot see very many characters.
-Apply patch
-Look again, the inputs are much bigger and you can see many more characters.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 24220: DBRev 21.12.00.012
Fridolin Somers [Tue, 1 Feb 2022 07:13:04 +0000 (21:13 -1000)]
Bug 24220: DBRev 21.12.00.012

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 24220: Move OpacMoreSearches to HTML customizations in additional-contents
Lucas Gass [Fri, 14 Jan 2022 00:59:46 +0000 (00:59 +0000)]
Bug 24220: Move OpacMoreSearches to HTML customizations in additional-contents

To test:
1- Before applying the patch add some content to the system preference
   OpacMoreSearches
2- Apply patch
3- restart_all and updatedatabase
4. Go to additional-content.pl ( HTML customizations )
5. You should now see your content from the system preference under
   OpacMoreSearches in HTML customizations
6. Try searching for the system preference, OpacMoreSeaches. It has been
   removed and you should not be able to find it.
7. Try changing/removing/adding content from OpacMoreSearches in HTML
   customizations
8. Make sure your edits are reflected when you look at the
   OpacMoreSearch area in the OPAC.

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29212: Compiled CSS
Fridolin Somers [Tue, 1 Feb 2022 06:49:35 +0000 (20:49 -1000)]
Bug 29212: Compiled CSS

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29212: (follow-up) Restore "Clear date" text for "Suspend all holds"
Owen Leonard [Mon, 31 Jan 2022 16:31:54 +0000 (16:31 +0000)]
Bug 29212: (follow-up) Restore "Clear date" text for "Suspend all holds"

This patch restores the "Clear date to suspend indefinitely" link
associated with the "Suspend all holds" date input field.

The patch also introduces a generic ".clear-flatpickr" click handler for
Flatpickr instances.

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29212: (follow-up) Add futuredate attribute to date picker
Owen Leonard [Wed, 19 Jan 2022 16:13:26 +0000 (16:13 +0000)]
Bug 29212: (follow-up) Add futuredate attribute to date picker

This patch adds the "futuredate" attribute to the "Hold not needed
after" date field in the OPAC hold process.

To test, apply the patch and log into the OPAC.

- Locate a bibliographic record and being the process of placing a hold.
- Click "Show more options" to display the date fields.
- If the OPACAllowHoldDateInFuture system preferences is enabled:
  - Set "Hold starts on date" to a date in the future.
  - Trigger the date-picker in the "Hold not needed after" field: You
    should be limited to dates *after* the date you selected above.
- If OPACAllowHoldDateInFuture is disabled:
  - The "Hold starts on date" will no longer be present.
  - Trigger the date-picker in the "Hold not needed after" field: You
    should be limited to dates after today.

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29212: (follow-up) Fixes to suspend hold process
Owen [Mon, 1 Nov 2021 14:39:14 +0000 (14:39 +0000)]
Bug 29212: (follow-up) Fixes to suspend hold process

This patch reworks the process of suspending an individual hold from the
patron's hold list. Instead of repeating the modal markup in each line
of the holds table, a single modal is re-used.

A "focus: false" is added to the modal via a data-attribute in order to
overcome problems with selecting months and using keyboard navigation in
the calendar popup.

To test, apply the patch and log into the OPAC as a user with holds.

- View the holds tab under "Your summary."
- Click the "Suspend" button next to one of the holds.
- You should see a modal which shows the title of the item in question.
- Test that the date picker works correctly:
  - Test selecting a month and year
  - Test selecting a date both with the mouse and by using arrow keys.
  - Test that you can clear the selected date both by clicking the X and
    by clicking the text link.
- Select a date and close the modal without submitting the suspension.
- Click the "Suspend" link on another title to confirm that the date
  picker still works correctly.
- Submit a suspension and confirm that the it completes successfully.
-

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29212: (follow-up) Update missing date input
Owen Leonard [Mon, 25 Oct 2021 11:11:10 +0000 (11:11 +0000)]
Bug 29212: (follow-up) Update missing date input

I missed the "Suspend all holds" date input in previous patches.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29212: (follow-up) Incorporate linked date field code from Bug 29240
Owen Leonard [Thu, 14 Oct 2021 15:57:20 +0000 (15:57 +0000)]
Bug 29212: (follow-up) Incorporate linked date field code from Bug 29240

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29212: Use Flatpickr on OPAC pages
Owen Leonard [Wed, 13 Oct 2021 17:51:08 +0000 (17:51 +0000)]
Bug 29212: Use Flatpickr on OPAC pages

This patch adds Flatpickr assets to the OPAC (JS and SCSS). A few pages
are updated to use Flatpickr instead of jQueryUI datepickers.

jQueryUI CSS files are updated because they contain some font family
definitions which are simple to remove but overly complicated to
override. Without this change some Font Awesome icons are broken when
they appear inside jQueryUI widgets like tabs.

We don't run the risk of having this change overwritten by a future
jQueryUI upgrade because there won't be any more.

To test, apply the patch and rebuild the OPAC CSS
(https://wiki.koha-community.org/wiki/Working_with_SCSS_in_the_OPAC_and_staff_client).

- Log into the OPAC and check that date pickers on the following pages
  work correctly, including month selection, year selection, forward
  and back arrows, and "Clear date" controls:
- Go to the "Your personal details" page.
- Check the "Date of birth" field.
- With SuspendHoldsOpac enabled, view the "Your summary" page for a
  patron with pending holds.
- Click "Suspend" to confirm that the "Suspend until" datepicker
  works correctly for more than one hold.
- From the catalog search results page, select multiple results and
  click the "Place hold" link.
- On the hold confirmation page, click "Show more options" to test
  the "Hold starts on date" (with OPACAllowHoldDateInFuture enabled)
  and the "Hold not needed after" fields.

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 19865: Add back horizontal scroll bar
Lucas Gass [Thu, 20 Jan 2022 21:45:49 +0000 (21:45 +0000)]
Bug 19865: Add back horizontal scroll bar

To test:
1. Do a Z39.50/SRU search
2. In the search results click on MARC to get the MARC preview. Choose
   something with lots of MARC data so it is both wide and long.
3. See the Y axis scrollbar
4. You must scroll bottom of the modal to see the X axis scrollbar,
   annoying.
5. Apply patch
6. Try steps 1-4 again. This time you should see the X axis scrollbar
   without having to scroll to the bottom.
7. It's not a bad idea to test in multiple browsers.

Note: I also put the CSS onto multiple lines to increase readability

Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29895: Fix 'add multiple items' button on neworderempty
Jonathan Druart [Mon, 17 Jan 2022 14:01:56 +0000 (15:01 +0100)]
Bug 29895: Fix 'add multiple items' button on neworderempty

Button [Add multiple items] stops responding when it's pressed and some multiple items added to basket

It has a "visibility: hidden" we are trying to remove setting "display:
inline"

This is pretty ugly and certainly does not clean the code, but it's too
messy and this patch fixes the problem easily.

Test plan:
Add a new order
Click "Add multiple items", enter "2", click "Add".
Confirm that you can use the "Add multiple items" again.

Signed-off-by: Samu Heiskanen <samu.heiskanen@hypernova.fi>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29809: Fix StockRotationStages.t
Jonathan Druart [Thu, 27 Jan 2022 16:13:32 +0000 (17:13 +0100)]
Bug 29809: Fix StockRotationStages.t

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29809: (follow-up) Update tests and rename variable
Nick Clemens [Tue, 18 Jan 2022 11:55:59 +0000 (11:55 +0000)]
Bug 29809: (follow-up) Update tests and rename variable

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29809: Update stockration tool to reflect method name change
Martin Renvoize [Thu, 6 Jan 2022 13:58:26 +0000 (13:58 +0000)]
Bug 29809: Update stockration tool to reflect method name change

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29809: Rename item relation accessor from itemnumber
Martin Renvoize [Thu, 6 Jan 2022 13:49:37 +0000 (13:49 +0000)]
Bug 29809: Rename item relation accessor from itemnumber

This patch renames the item relation accessor method in
StockRotationItem to 'item' from 'itemnumber' to more clearly reflect
that the method returns a Koha::Item object and not an itemnumber.

Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29906: (follow-up) Clarify actual code use
Martin Renvoize [Thu, 20 Jan 2022 15:15:14 +0000 (15:15 +0000)]
Bug 29906: (follow-up) Clarify actual code use

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29906: fix when hold record forcibly gets unwanted "suspended" state
Petro Vashchuk [Wed, 19 Jan 2022 16:01:15 +0000 (18:01 +0200)]
Bug 29906: fix when hold record forcibly gets unwanted "suspended" state

This code allows for "Perl false" to pass through to $suspended_until
if it is in $hold->suspend_until and in $body->{suspended_until}
But in case of "Perl truth" it calls dt_from_string for that value.

Reproduction:
1. run provided test in kshell: prove t/db_dependent/api/v1/holds.t
2. see the test fails with something like:
    #   Failed test 'Location change shouldn't touch suspended status'
    #   at t/db_dependent/api/v1/holds.t line 1067.
    #          got: '1'
    #     expected: '0'

    #   Failed test 'suspended_until should be undef'
    #   at t/db_dependent/api/v1/holds.t line 1068.
    #          got: '2022-01-20 00:00:00'
    #     expected: undef
    # Looks like you failed 2 tests of 39.
3. apply the changes in this patch to Koha/REST/V1/Holds.pm
4. run provided test in kshell: prove t/db_dependent/api/v1/holds.t
5. test will pass.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29862: Add missing txn begin/rollback in TestBuilder.t
Jonathan Druart [Mon, 17 Jan 2022 10:40:00 +0000 (11:40 +0100)]
Bug 29862: Add missing txn begin/rollback in TestBuilder.t

It fixes the tests when SearchEngine=ES
 t/db_dependent/TestBuilder.t .. 7/15 Invalid MARC field expression: l5ffglZ_upqqcwOvaiyALgXfyJw2Ot2AGRPUsiAPzSFHfd8J_hsnuQ8z75B8RKc_kyo2rFBp8BrPNwcM1FPhc01ngP01HU_Z7Rx1VHfcIcmrifYnjBDWNmYB9N5_4xEnxMH7ZhqC9b2Bz9wf9
 wSEmx64x6t5xFFKX at /kohadevbox/koha/C4/Biblio.pm line 306.
     # Looks like you planned 12 tests but ran 6.

 #   Failed test 'Tests for delete method'
 #   at t/db_dependent/TestBuilder.t line 302.
 Can't call method "biblionumber" on an undefined value at t/db_dependent/TestBuilder.t line 281.
 # Looks like your test exited with 11 just after 8.

Previous subtest created invalid date in the ES mappings.

Test plan:
Set SearchEngine=ES and run the tests, they must pass.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29779: Make selenium tests return green even if lib is missing
Jonathan Druart [Mon, 3 Jan 2022 11:38:29 +0000 (12:38 +0100)]
Bug 29779: Make selenium tests return green even if lib is missing

Some selenium tests are not correctly written and they fail is
Selenium::Remote::Driver is missing.

Test plan:
1. Remove the lib rm `pmpath Selenium::Remote::Driver`
2. prove t/db_dependent/selenium/
should return green

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29482: Replace the term branch with library
Owen Leonard [Tue, 18 Jan 2022 12:46:51 +0000 (12:46 +0000)]
Bug 29482: Replace the term branch with library

This patch replaces the word "branch" with the word "library" in the
self-checkout template, as per terminology guidelines.

To test, apply the patch and go to Administration -> System preferences.

- Set the "IndependentBranches" preference to "Yes."
- Log into the self checkout system using a staff user with permission
  to do self-checkout but not superlibrarian status.
- Try to check out an item which belongs to a library that's different
  to the one you're logged in with.
- You should see a message, "Item cannot be checked out," including the
  text "This item belongs to another library."

Signed-off-by: David Nind <david@davidnind.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29562: (follow-up) typo $tem in opac-reserve.pl
Fridolin Somers [Tue, 1 Feb 2022 00:54:30 +0000 (14:54 -1000)]
Bug 29562: (follow-up) typo $tem in opac-reserve.pl

Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29562: Test $item instead of $itemNum
Jonathan Druart [Mon, 10 Jan 2022 12:56:30 +0000 (13:56 +0100)]
Bug 29562: Test $item instead of $itemNum

Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29562: Fix DecreaseLoanHighHolds.t
Jonathan Druart [Mon, 10 Jan 2022 12:39:35 +0000 (13:39 +0100)]
Bug 29562: Fix DecreaseLoanHighHolds.t

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29562: (follow-up) Fix API controller
Tomas Cohen Arazi [Mon, 10 Jan 2022 11:01:20 +0000 (08:01 -0300)]
Bug 29562: (follow-up) Fix API controller

This patch fixes tests failures due to bad checks in the controller.
The tests deserve to be rewritten.

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>
2 years agoBug 29562: Adjust CanItemBeReserved and checkHighHolds to take objects
Nick Clemens [Tue, 23 Nov 2021 19:56:52 +0000 (19:56 +0000)]
Bug 29562: Adjust CanItemBeReserved and checkHighHolds to take objects

Most of the changes here are simple, this can be read to view the changes

Testing that holds can be placed via staff client, and opac, and are disallowed
when expected is the best test plan, beyond running the unit tests

Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Fridolin Somers <fridolin.somers@biblibre.com>